
<div class="contenido">
<?php
	require_once('Sqlite/DB.php');
	$db = openDB('Sqlite/myDatabase');
	if(isset($_POST['cancelar'])){
		header('Location: index.php');
	}
	else if(isset($_POST['acceder'])){
			if(isset($_POST['username']) && !($_POST['username'])==''){
				if(isset($_POST['password'])&& !($_POST['password'])==''){
					
					// Define $myusername and $mypassword 
					$myusername=$_POST['username']; 
					$mypassword=$_POST['password'];
					
					// To protect MySQL injection (more detail about MySQL injection)
					$myusername = stripslashes($myusername);
					$mypassword = stripslashes($mypassword);
					$myusername = mysql_real_escape_string($myusername);
					$mypassword = mysql_real_escape_string($mypassword);
					
					$query='SELECT Password FROM Administracion WHERE user_Administrador=\''.$_POST['username'].'\'';
					$aux = queryDB($db,$query);
					$passw=getRow($aux);
					if ($passw['Password'] == $_POST['password']){
						session_start();
						// Register $myusername, $mypassword and redirect to file "login_success.php" para mi paginador_admin
						$_SESSION ['loggedin'] = true;
						$_SESSION ['user'] = $_POST['username'];
						header('Location: index.php?p=administracion');
						}
					else
						header('Location: index.php?p=loginInvalido&error=true');
				}
				else
					header('Location: index.php?p=loginInvalido&error=true');
			}
			else
				header('Location: index.php?p=loginInvalido&error=true');
	}
?>
</div>
